So We're Sharing Our Social Security Numbers on Social Media Now

contributing editor

October 4, 2013 // 02:50 PM EST

Copy This URL

We all know that people overshare on social media and are blasé about privacy and all that. But a recent security survey by Visa found that 7 percent of Americans even admit to having shared their social security number on social media.

Let me repeat that. Not their birthday or phone number, their social security number. Not over email or phone or shouted loudly on a bus—but written down for all time and for all eyes on the likes of Facebook and Twitter. And that’s just the ones that admitted to it.

Suffice it to say, divulging this level of personal information seriously raises your risk of becoming a victim of identity theft. As soon as your social security number is making the rounds through the not-at-all-secure social web, it’s vulnerable to access by hackers and cybercriminals. And since the number is like the holy grail of personal identification, fraudsters can use it to steal your identity, max out your credit cards, ruin your life, and hop the first flight to Tahiti.

Don’t take my word for it: According to the latest consumer security report by Javelin Strategy & Research, users whose social security numbers were exposed online were five times more likely to become fraud victims.

So why are people doing it? The answer to that is nuanced, but a big part of the reason is ignorance—and laziness. So many places ask for our number these days, people have become used to doling it out left and right without hesitation. But often, just because an organization is asking for it, that doesn't mean it's legally necessary for them to obtain it. To that end, and to head off the sneaky bastards, here are the legitimate situations in which to give out those sacred digits, according to the US Social Security Administration.

Internal Revenue Service for tax returns and federal loans
Employers for wage and tax reporting purposes
Employers enrolled in E-Verify
States for the school lunch program
Banks for monetary transactions
Veterans Administration as a hospital admission number
Department of Labor for workers’ compensation
Department of Education for Student Loans
States to administer any tax, general public assistance, motor vehicle or drivers license law within its jurisdiction
States for child support enforcement
States for commercial drivers’ licenses
States for Food Stamps
States for Medicaid
States for Unemployment Compensation
States for Temporary Assistance to Needy Families
U.S. Treasury for U.S. Savings Bonds

Note the absence of any social networking sites on the list. Note it well.

Now if you’re in the 93 percent of people not broadcasting your social security number all over the internet, you’re not necessarily off the hook. The Visa survey found that the majority of people—58 percent—post too-personal information on social media that puts them at risk of identity theft or fraud.

Researchers surveyed 1,000 people from across the US and found 20 percent of respondents divulged their home address, 50 percent gave their birthday, 29 percent gave their phone number, and 14 gave their mother’s maiden name.

Sharing even these basic personal anecdotes is a potential problem because, it can be used by phishing scammers to earn your trust in order to get you to reveal even more info—the stuff they really want like your credit card number.

“Oversharing personal information is helping criminals to become more effective in targeting businesses with scams like email phishing,” Jennifer Fischer, Head of Visa's Americas Payment System Security, told USA Today. “The more information you provide on social media, the better equipped criminals are to incorporate that same information to make their fraudulent message more believable.”

But even those who know better than to do something so obviously fraut, your social media profile might be more telling than you want. Social security numbers for anyone born after 1988 aren't actually random. The digits correspond to things like where you received your number, when and where you applied for it, and when you were born—stuff that's all pretty easy to gather from your Facebook profile, depending on what you’ve put out there. The Social Security Administration corrected this problem in June 2011, but people born in the 23 years in between remain vulnerable.

Openness and connectedness and sharing remain the point of social networks, and virtues of this, the internet age. But to navigate the world safely, the old virtues of discretion and a healthy skeptism still reign.